Search form

You are here

We are the Computer Security and Incident Response Team (CSIRT) for the Janet network. Part of Jisc's Security Operations Centre, our mission is to safeguard the current and future network security of Janet (steering the security policies for all Janet connections) and of our customers, creating a secure environment to conduct your online activities. Our primary function is monitor and resolve any security incidents that occur on the Janet network, with specialists tracking a range of platforms, including Unix, Linux and Windows.

Group administrators:

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

We have observed a regional threat, targeting and attacking the UK academic sector. We have identified them through their attacking behaviours, sources of login activity, and phishing techniques. Here we present the knowledge of their tactics, techniques and procedures (TTPs) observed and how to identify them, to help institutions defend against future attacks.

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

Incident Response Triage - Eradication, Recovery and Lessons Learned

This is part two of a two-part blog set covering an overview of the Incident Response life-cycle. In response to an incident, the next life-cycle steps that follow the containment stage are the remediation steps; eradication of the threat, recovery of systems and lessons learned. This second article focuses on each of these stages, highlighting the important areas to consider within the remaining life-cycle steps.

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.

These statistics only relate to information collated by Janet CSIRT and do not provide an accurate sample of security activity across the research and education sectors. The figures are frequently more closely correlated to the activity of CSIRT and our detection of events rather than their actual rates of incidence.

For example: a successful investigation by researchers into a botnet will cause that month's malware figures to rise even though the malware may have been active in previous months.